﻿As the digital world grows so do the security threats. Advanced Threat Protection is one possible route to security

Digital India, with its digital connectivity bringing together close to 1.2 billion people is on the cusp of realization as millions of people, devices and machines are already getting hyper-connected across the country each day. But as much of Digital India; from critical communications network to power distribution, from financial well-being to e-governance depends on the robustness of the cyber network. Therein lies the threat posed by the spread of malware, misinformation and systemic cyber-attacks. To address this huge challenge and acquire unprecedented collective action, The Economic Times and worldwide leader in cyber security, Symantec held a Round Table Discussion on the topic of 'Security An Imperative for Digital India' in Delhi. The discussion focused on the potential new age cyber threats, understanding the scope of the disruption these threats pose to a nation's government, businesses and citizens alike, and the requisite elements needed in creating a strong, secure Digita India. Cyber security for Digital India is an imperative that needs addressing now; security has to be a part of the infrastructure itself and not an afterthought.Businesses and organisations are equally at risk. Today, for all companies, big or small, data is weapon that needs to be protected. On a personal level, the loss of data impacts all aspects of our life today.And last but not least, everything today generates data and most of it is vulnerable.

Thus, the threat from cyber attacks and malware is not only apparent, but also worrisome. Attackers are compromising computer systems in different parts of the world and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are launched. Target audience of hackers are evolving , for example, high-net-worth individuals can be now be easily identified through a vista of social media channels that allow attackers to ascertain certain online patterns and the cyber behaviours of these individuals.

Various reports from security and analyst firms suggest that India will continue to become a strategic target, as attackers are exploiting gaps to compromise critical networks, and that Indian organisations are more likely to be exposed to attacks than the global average. Digitization will only expose more sensitive data to threat groups who want to seek access to intellectual property, intelligence and critical infrastructure for financial gains. Cyber criminals from around the world are involved in hacking and launching attacks on computer networks of Indian organisations. The government will need to focus on creation of laws related to the use of ICT, protection of intellectual property and access to digital content, among other parameters for the success of 'Digital India'. A holistic data protection regime needs to be incorporated in the law to make it more effective.

Some of the challenges around creating a secured environment for both the government and enterprises include ignorance of security incidents or limited ability to detect; not adapting to emerging risks around mobile, cloud and social, lack of cyber skills and not optimizing spending on security.

Organisations are dealing with adversaries who are invisible and conceal their real identity using various exploits against specific security infrastructure. Modern day attackers are increasingly using targeted and new unknown variants of malware to sneak past traditional security solutions. A serious threat amongst them is an Advanced Persistent Threat or APT that uses multiple phases to break into a network, avoid detection, and harvest valuable information over the long term.

Hackers who employ APTs are a different breed, and a real and regular threat to the world's governments, companies and networks.They are well organized and funded with a clear goal to steal valuable intellectual property, such as confidential project descriptions, contracts, and patent information. In recent times, cybercriminals have been responsible for a number of APT attacks.

Ransom-ware is another concern that has emerged as one of the most troublesome malware categories. The threat is known for locking computers or encrypting files to compel users into handing over their money. As per Symantec's Internet Security Threat Report released in April this year, India ranked third highest in the Asia Pacific region for ransomware attacks with over 60,000 attacks received per year or about 7 attacks per hour with a staggering 86 per cent being crypto ransomware. Promptly deploying newer technologies to track and trace attackers is one way to identify suspicious objects and actions from security event data feeds that alert of high-risk events occurring. The session also witnessed the launch of Symantec's Advanced Threat Protection or ATP solution, which the company claimed is the first offering in the industry to uncover, prioritize and remediate the most advanced attacks across end point, networks and email.

Security solutions should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats. It is important that security awareness is inculcated in product and process design, to enable large scale adoption by firsttime users and increase their trust in order to truly gain from the Digital India programme.

Though there exists numerous security solutions in the market, trusting only the technology of a security solution is not enough.It is imperative to have an effective security strategy. Chief Information Officers (CIOs) and Chief Information Security officers (CISOs) need to steer their organizations through the intersection of digital business and increasing IT risk and cybersecurity threats to create resilience and differentiate their organizations.

In the context of the 'Digital India' initiative, technology governance and management, nextgen solutions for monitoring, analysis, and increased capabilities in incident response along with forensics, are the key areas of security to be focused upon while exploring the new success avenues through digital transformation.